CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
'Kritiek React-lek paar uur na bekendmaking misbruikt bij aanvallen'
Een kritieke kwetsbaarheid in React is een paar uur na de bekendmaking actief misbruikt door aanvallers, zo stelt Amazon. Volgens het bedrijf hebben meerdere groepen aanvallers het beveiligingslek (CV ...
-
The Hacker News
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's ...
-
CybersecurityNews
Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely
A critical command injection vulnerability in the open-source network monitoring tool Cacti allows authenticated attackers to execute arbitrary code remotely, potentially compromising the entire monit ...
-
CybersecurityNews
Splunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissions
A high-severity vulnerability has been disclosed in Splunk affecting its Enterprise and Universal Forwarder products for Windows, stemming from incorrect file permissions during installation and upgra ...
-
CrowdStrike.com
Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary
Throughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKS ...
-
The Hacker News
JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
Dec 05, 2025Ravie LakshmananVulnerability / Network Security A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, ac ...
-
CybersecurityNews
China-Nexus Hackers Actively Exploiting React2Shell Vulnerability in The Wild
China-nexus threat groups are racing to weaponize the new React2Shell bug, tracked as CVE-2025-55182, only hours after its public disclosure. The flaw sits in React Server Components and lets an attac ...
-
CybersecurityNews
PoC Exploit Released for Critical React, Next.js RCE Vulnerability (CVE-2025-55182)
A proof-of-concept (PoC) exploit for CVE-2025-55182, a maximum-severity remote code execution (RCE) flaw in React Server Components, surfaced publicly this week, heightening alarms for developers worl ...
-
Daily CyberSecurity
Russia Imposes Network-Level Blockade on Apple’s End-to-End Encrypted FaceTime
Russia has recently imposed a network-level blockade on Apple’s video-calling service FaceTime, which is developed and operated entirely by Apple and provides users with end-to-end encrypted audio and ...
-
Daily CyberSecurity
Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass
The Apache Software Foundation has rolled out a crucial update for the ubiquitous Apache HTTP Server, addressing five distinct security vulnerabilities. The release of version 2.4.66 serves as a cumul ...